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AMENDMENTS TO THE CLAIMS 



1. (Currently Amended) An access system for a computer site, comprising 
a certificate ail!j:hentication component to verify a user's identity from a digital certificate 

supplied by the user, 

a directory, coubled to the certificate authentication component, to store information 
representative of a plurality of users, said information including an access policy for each user, 
and 

an access control System, coupled to the directory, for controlling access to a computer 
site by permitting the useA to access a portion of the computer site and [[to]] restrict ing access to 
the user from accessing at least one other portion of the computer site, based on the access policy 
associated with the user in the directory. 

2. (Original) An access! system as in claim 1, wherein the access policy includes 
information representative of\a portion of the computer site to which the user is permitted access. 

3. (Original) An access system as in claim 1, further comprising 

a certificate authority component, coupled to the certificate authentication component, to 
issue digital certificates to the user. 

4. (Original) An access system as in claim 1, further comprising 

a log system, coupled to thlp certificate authentication component, to record the user's 
actions in the computer site. 

5. (Original) An access systemW in claim 1, further comprising 
a transaction authentication system, coupled to the certificate authentication component, 

to provide verified records of transactions performed using the computer site. 

6. (Original) An access system as In claim 5, wherein the transaction authentication system 
includes a digital signing module for validating transactions. 

7. (Original) An access system as in claim 1, wherein the computer site is an extranet. 
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8. (Currently Aknended) A method of regulating access to a computer site, comprising 
receiving from a user a request to access a computer site or a portion thereof, 
receiving information representative of the user's identity, 

consulting a directory containing information representative of a plurality of users, said 
information including an access policy for each user, to determine whether the user is permitted 
to access the computer Wte or portion thereof, and 

controlling access to the computer site by permitting the user to access a portion of the 
computer site and granting or denying acc e ss to restricting the user from accessing at least one 
other portion of the computer site, based on according to the access policy for the user. 

9. (Original) A methoAas in claim 8, wherein consulting a directory includes checking the 
access policy to determine a portion of the computer site to which the user is permitted access. 

10. (Original) A method asVn claim 9, wherein the receiving a request includes receiving a 
URL address for a site within the computer site. 

11. (Original) A method as in claim 8, wherein receiving information representative of the 
user's identity includes receiving a password, a retinal scan, a fingerprint, or a document capable 
of being decrypted by a public key. \ 

m 8, wherein receiving information representative of the 
ital certificate. 

13. (Currently Amended) An access system for a computer site, comprising 

means for verifying a user's idenfiity from a digital certificate supplied by the user, 
means, coupled to the means for verifying a users identity, for storing information 

representative of a plurality of users, said mformation including an access policy for each user, 

and \ 

means, coupled to the means for storing information, for controlling access to a computer 

site by permitting the user to access a portiomof the computer site and restric ting access to the 



12. (Original) A method as in els 
user's identity includes receiving a di^ 
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user from accessing at least one other portion of the computer site, based on the access policy 
associated with the user in the means for storing information. 

14. (Original) access system as in claim 13, wherein the means for storing information 
includes information Representative of a portion of the computer site to which the user is 
permitted access. 

15. (Original) An Access system as in claim 13, further comprising 

means, coupled Cp said means for verifying a user's identity, for issuing digital certificates 
to the user. 

16. (Original) An acce^ system as in claim 13, further comprising 
means, coupled to saip means for restricting access, for recording the user's actions in the 

computer site. 

17. (Original) An access sykem as in claim 13, further comprising 
means, coupled to said means for verifying a user's identity, for storing verified records 

of transactions performed using the computer site. 



9 



